<?php
function curl_get($_arg_0)
{
    $_var_1 = curl_init($_arg_0);
    $_var_2[] = "Accept: */*";
    $_var_2[] = "Accept-Encoding: gzip,deflate,sdch";
    $_var_2[] = "Accept-Language: zh-CN,zh;q=0.8";
    $_var_2[] = "Connection: close";
    curl_setopt($_var_1, CURLOPT_HTTPHEADER, $_var_2);
    curl_setopt($_var_1, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($_var_1, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($_var_1, CURLOPT_ENCODING, "gzip");
    curl_setopt($_var_1, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($_var_1, CURLOPT_USERAGENT, "Mozilla/5.0 (Linux; U; Android 4.4.1; zh-cn; R815T Build/JOP40D) AppleWebKit/533.1 (KHTML, like Gecko)Version/4.0 MQQBrowser/4.5 Mobile Safari/533.1");
    curl_setopt($_var_1, CURLOPT_TIMEOUT, 30);
    $_var_3 = curl_exec($_var_1);
    curl_close($_var_1);
    return $_var_3;
}
function getSetting($_arg_0, $_arg_1 = false)
{
    global $DB;
    global $CACHE;
    if ($_arg_1) {
        return $_var_4[$_arg_0] = $DB->get_row("SELECT v FROM authguao_config WHERE k='" . $_arg_0 . "' limit 1");
    }
    $_var_5 = $CACHE->get($_arg_0);
    return $_var_5[$_arg_0];
}
function saveSetting($_arg_0, $_arg_1)
{
    global $DB;
    $_arg_1 = daddslashes($_arg_1);
    return $DB->query("REPLACE INTO authguao_config SET v='" . $_arg_1 . "',k='" . $_arg_0 . "'");
}
function myscandir($_arg_0)
{
    foreach (glob($_arg_0) as $_var_1) {
        if (is_dir($_var_1)) {
            echo $_var_1 . "<br/>";
        }
    }
}
// function update_version()
// {
    // $authurls_arr = ['auth.hrbwj.cc'];
    // $authurls = $authurls_arr[array_rand($authurls_arr, 1)];
    // $query = curl_get('http://'.$authurls.'/api/check.php?proid=1&url='.$_SERVER['HTTP_HOST'].'&authcode='.authcode.'&ver='.VERSION);
    // if($query = json_decode($query,true)){
        // return $query;
    // }
    // return false;
// }
function processOrder($srow)
{
    global $islogin2;
    global $DB;
    global $date;
    global $conf;
    $input = explode("|", $srow["input"]);
    if ($srow["type"] == 1) {
        $uid = intval($srow["input"]);
        $DB->query("update `authguao_user` set `rmb`=`rmb`+" . $srow["money"] . " where `uid`='" . $uid . "'");
        addPointRecord($srow["input"], $srow["money"], "充值", "你在线充值了" . $srow["money"] . "元余额");
        if ($conf['recharge_rebate'] == 1 && $conf['recharge_rebate'] != "") {
            $rebate_rule = explode(',', $conf['recharge_rebate_rule']);
            $rebate_arr = array();
            foreach ($rebate_rule as $row) {
                $arr = explode('|', $row);
                $rebate_arr[$arr[0]] = $arr[1];
            }
            krsort($rebate_arr);
            foreach ($rebate_arr as $key => $value) {
                if ($srow["money"] >= $key) {
                    $money = round($value, 2);
                    break;
                }
            }
            if ($money < $srow["money"] && $money > 0) {
                $DB->query("update `authguao_user` set `rmb`=`rmb`+" . $money . " where `uid`='" . $uid . "'");
                addPointRecord($srow["input"], $money, '返利', "你在线充值了" . $srow["money"] . "，本次返利" . $money . "元已到账，感谢充值！");
            }
        }
        return true;
    }
    if ($srow["type"] == 2) {
        $uid = addslashes($input[0]);
        $proid = intval($input[1]);
        $name = addslashes($input[2]);
        $qq = addslashes($input[3]);
        $url = addslashes($input[4]);
        $authcode = addslashes($input[5]);
        $sign = addslashes($input[6]);
        $endtime = addslashes($input[7]);
        if($conf['invite_rebate_open']==1){
            $invitecode = addslashes($input[8]);
        }
        $DB->query("insert into `authguao_site` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`authcode`,`active`,`sign`,`token`,`endtime`) values ('".$uid."','".$proid."','".$name."','".$qq."','".$url."','".$date."','".$authcode."','1','".$sign."','".random(32)."','".$endtime."')");
        if($conf['invite_rebate_open']==1){
            if ($invitecode) {
                $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
                if ($invitecoderow && $invitecoderow['uid'] > 1) {
                    $money = round($srow['money']*$conf['invite_rebate_sq']/100, 2);
                    addInviteLog($invitecoderow["uid"], $qq, 1, $money, "你邀请用户购买程序【".$program['name']."】的授权获得" . $money . "元奖励");
                }
            }
        }
        return true;
    }
    if ($srow["type"] == 3) {
        $uid = addslashes($input[0]);
        $proid = intval($input[1]);
        $name = addslashes($input[2]);
        $qq = addslashes($input[3]);
        $url = addslashes($input[4]);
        if($conf['invite_rebate_open']==1){
            $invitecode = addslashes($input[5]);
        }
        $DB->query("insert into `authguao_paysite` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`active`) values ('".$uid."','".$proid."','".$name."','".$qq."','".$url."','".$date."','1')");
        if($conf['invite_rebate_open']==1){
            if ($invitecode) {
                $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
                if ($invitecoderow && $invitecoderow['uid'] > 1) {
                    $money = round($srow['money']*$conf['invite_rebate_rz']/100, 2);
                    addInviteLog($invitecoderow["uid"], $qq, 2, $money, "你邀请用户购买程序【".$program['name']."】的易支付域名认证获得" . $money . "元奖励");
                }
            }
        }
        return true;
    }
    if ($srow["type"] == 4) {
        $uid = addslashes($input[0]);
        $power = intval($input[1]);
        $proid = intval($input[2]);
        $user = addslashes($input[3]);
        $pwd = addslashes($input[5]);
        $qq = addslashes($input[6]);
        $email = addslashes($input[7]);
        if($conf['invite_rebate_open']==1){
            $invitecode = addslashes($input[8]);
        }
        if ($power == 1) {
            $rebate = $conf['invite_rebate_sqs'];
            $name = '购买程序'.$program['name'].'的授权商';
        } else if ($power == 2) {
            $rebate = $conf['invite_rebate_cg'];
            $name = '购买程序'.$program['name'].'的超级管理员';
        } else if ($power == 3) {
            $rebate = $conf['invite_rebate_qngly'];
            $name = '购买平台全能管理员';
        }
        $DB->query("insert into `authguao_user` (`upuid`,`power`,`proid`,`user`,`pwd`,`rmb`,`qq`,`email`,`invitecode`,`addtime`,`status`) values ('" . $uid . "','" . $power . "','" . $proid . "','" . $user . "','" . $pwd . "','0.00','" . $qq . "','" . $email . "','" . random(8) . "','" . $date . "','1')");
        if($conf['invite_rebate_open']==1){
            if ($invitecode) {
                $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
                if ($invitecoderow && $invitecoderow['uid'] > 1) {
                    $money = round($srow['money']*$rebate/100, 2);
                    addInviteLog($invitecoderow["uid"], $qq, 3, $money, "你邀请用户" . $name . "获得" . $money . "元奖励");
                }
            }
        }
        return true;
    }
}
function addPointRecord($uid, $point = 0, $action = "提成", $bz = NULL)
{
    global $DB;
    $action = addslashes($action);
    $bz = addslashes($bz);
    $DB->query("INSERT INTO `authguao_points` (`uid`, `action`, `point`, `bz`, `addtime`) VALUES ('" . $uid . "', '" . $action . "', '" . $point . "', '" . $bz . "', NOW())");
}
function addInviteLog($uid, $qq, $type, $money = 0, $bz = NULL)
{
    global $DB;
    $action = addslashes($action);
    $bz = addslashes($bz);
    $DB->query("INSERT INTO `authguao_points` (`uid`, `qq`, `type`, `point`, `bz`, `creation_time`) VALUES ('" . $uid . "', '" . $qq . "', '" . $type . "', '" . $point . "', '" . $bz . "', NOW())");
}
function rollbackPoint($id)
{
    global $DB;
    $rs = $DB->query("SELECT id,uid,point FROM authguao_points WHERE orderid='" . $id . "' AND action='提成' LIMIT 2");
    while ($res = $DB->fetch($rs)) {
        $DB->query("UPDATE authguao_user SET rmb=rmb-" . $res["point"] . " WHERE uid='" . $res["uid"] . "'");
        $DB->query("DELETE FROM authguao_points WHERE id='" . $res["id"] . "'");
    }
}
function log_result($uid, $type, $data, $ip, $city)
{
    global $DB;
    $uid = intval($uid);
    $type = addslashes($type);
    $data = addslashes($data);
    $ip = addslashes($ip);
    $city = addslashes($city);
    $DB->query("INSERT INTO `authguao_log` (`uid`, `type`, `data`, `ip`, `city`, `date`) VALUES ('" . $uid . "', '" . $type . "', '" . $data . "', '" . $ip . "', '" . $city . "', NOW())");
}
function sysmsge($msg = '未知的异常', $die = true) {
    echo "  \r\n    <!DOCTYPE html>\r\n    <html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"zh-CN\">\r\n    <head>\r\n        <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n        <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\r\n        <title>站点提示信息</title>\r\n        <style type=\"text/css\">\r\nhtml{background:#eee}body{background:#fff;color:#333;font-family:\"微软雅黑\",\"Microsoft YaHei\",sans-serif;margin:2em auto;padding:1em 2em;max-width:700px;-webkit-box-shadow:10px 10px 10px rgba(0,0,0,.13);box-shadow:10px 10px 10px rgba(0,0,0,.13);opacity:.8}h1{border-bottom:1px solid #dadada;clear:both;color:#666;font:24px \"微软雅黑\",\"Microsoft YaHei\",,sans-serif;margin:30px 0 0 0;padding:0;padding-bottom:7px}#error-page{margin-top:50px}h3{text-align:center}#error-page p{font-size:9px;line-height:1.5;margin:25px 0 20px}#error-page code{font-family:Consolas,Monaco,monospace}ul li{margin-bottom:10px;font-size:9px}a{color:#21759B;text-decoration:none;margin-top:-10px}a:hover{color:#D54E21}.button{background:#f7f7f7;border:1px solid #ccc;color:#555;display:inline-block;text-decoration:none;font-size:9px;line-height:26px;height:28px;margin:0;padding:0 10px 1px;cursor:pointer;-webkit-border-radius:3px;-webkit-appearance:none;border-radius:3px;white-space:nowrap;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;-webkit-box-shadow:inset 0 1px 0 #fff,0 1px 0 rgba(0,0,0,.08);box-shadow:inset 0 1px 0 #fff,0 1px 0 rgba(0,0,0,.08);vertical-align:top}.button.button-large{height:29px;line-height:28px;padding:0 12px}.button:focus,.button:hover{background:#fafafa;border-color:#999;color:#222}.button:focus{-webkit-box-shadow:1px 1px 1px rgba(0,0,0,.2);box-shadow:1px 1px 1px rgba(0,0,0,.2)}.button:active{background:#eee;border-color:#999;color:#333;-webkit-box-shadow:inset 0 2px 5px -3px rgba(0,0,0,.5);box-shadow:inset 0 2px 5px -3px rgba(0,0,0,.5)}table{table-layout:auto;border:1px solid #333;empty-cells:show;border-collapse:collapse}th{padding:4px;border:1px solid #333;overflow:hidden;color:#333;background:#eee}td{padding:4px;border:1px solid #333;overflow:hidden;color:#333}\r\n        </style>\r\n    </head>\r\n    <body id=\"error-page\">\r\n        ";
    echo "<h3>站点提示信息</h3>";
    echo $msg;
    echo "    </body>\r\n    </html>\r\n    ";
    if ($die == true) {
        exit(0);
    }
}
function rm_dir($_arg_0)
{
    if (!is_dir($_arg_0)) {
        return false;
    }
    $_var_1 = opendir($_arg_0);
    while ($_var_2 = readdir($_var_1)) {
        if ($_var_2 != "." && $_var_2 != "..") {
            $_var_3 = $_arg_0 . "/" . $_var_2;
            if (!is_dir($_var_3)) {
                unlink($_var_3);
            } else {
                rm_dir($_var_3);
            }
        }
    }
    closedir($_var_1);
    if (rmdir($_arg_0)) {
        return true;
    }
    return false;
}
function sec_check()
{
    global $conf;
    global $dbconfig;
    $_var_2 = array("readme.txt.zip", "mini.php.zip", "index.php.zip", "cron.php.zip", "config.php.zip", "api.php.zip", "ajax.php.zip", "archive.zip", "wwwroot.zip", "www.zip", "web.zip", "bf.zip", "beifen.zip", "backup.zip", "yuanma.zip", "1.zip", "2.zip", "daiauthguao.zip", "ds.zip", "htdocs.zip", "wz.zip", "1.zip", "2.zip", "123.zip");
    foreach ($_var_2 as $_var_3) {
        if (file_exists(ROOT . $_var_3)) {
            unlink(ROOT . $_var_3);
        }
    }
    $_var_4 = glob(ROOT . "daiauthguao_release_*");
    foreach ($_var_4 as $_var_5) {
        unlink($_var_5);
    }
    $_var_4 = glob(ROOT . "daiauthguao_update_*");
    foreach ($_var_4 as $_var_5) {
        unlink($_var_5);
    }
    $_var_6 = array();
    $_var_4 = glob(ROOT . "assets/img/*.php");
    foreach ($_var_4 as $_var_5) {
        unlink($_var_5);
    }
    if (strpos($_SERVER["SERVER_SOFTWARE"], "kangle") !== false && function_exists("pcntl_exec")) {
        $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">高危</span>&nbsp;当前主机为kangle且开启了php的pcntl组件，会被黑客入侵，请联系主机商修复或更换主机</a></li>";
    }
    if (strpos($_SERVER["SERVER_SOFTWARE"], "kangle") !== false && count(glob("/vhs/kangle/etc/*")) > 1) {
        $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">高危</span>&nbsp;当前主机为kangle且未设置open_basedir防跨站，会被黑客入侵，请联系主机商修复或更换主机</a></li>";
    }
    if ($conf["admin_pwd"] === "123456") {
        $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">重要</span>&nbsp;请及时修改默认管理员密码 <a href=\"set.php?mod=account\">点此进入网站信息配置修改</a></li>";
    } else {
        if (strlen($conf["admin_pwd"]) < 6 || is_numeric($conf["admin_pwd"]) && strlen($conf["admin_pwd"]) <= 10 || $conf["admin_pwd"] === $conf["kfqq"]) {
            $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">重要</span>&nbsp;网站管理员密码过于简单，请不要使用较短的纯数字或自己的QQ号当做密码</li>";
        } else {
            if ($conf["admin_user"] === $conf["admin_pwd"]) {
                $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">重要</span>&nbsp;网站管理员用户名与密码相同，极易被黑客破解，请及时修改密码</li>";
            }
        }
    }
    if (strlen($dbconfig["pwd"]) < 5 || is_numeric($dbconfig["pwd"]) && strlen($dbconfig["pwd"]) <= 10 || $dbconfig["pwd"] === $conf["kfqq"]) {
        $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">重要</span>&nbsp;当前主机的数据库密码过于简单，请不要使用较短的纯数字或自己的QQ号当做数据库密码</li>";
    } else {
        if ($dbconfig["pwd"] === $dbconfig["user"]) {
            $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-danger\">重要</span>&nbsp;当前主机的数据库用户名与密码相同，极易被黑客破解，请及时修改数据库密码</li>";
        }
    }
    $_var_7 = glob(ROOT . "*.zip");
    $_var_8 = glob(ROOT . "*.7z");
    $_var_9 = glob(ROOT . "*.rar");
    if ($_var_7 && count($_var_7) > 0 || $_var_8 && count($_var_8) > 0 || $_var_9 && count($_var_9) > 0) {
        $_var_6[] = "<li class=\"list-group-item\"><span class=\"layui-btn layui-btn-sm btn-warning\">提示</span>&nbsp;网站根目录存在压缩包文件，可能会被人恶意获取并泄露数据库密码，请及时删除</a></li>";
    }
    return $_var_6;
}
function fanghongdwz($_arg_0, $_arg_1 = false)
{
    global $conf;
    $_var_3 = substr(md5($_arg_0), 0, 6);
    if (isset($_SESSION["dwz_" . $_var_3]) && $_arg_1 == false) {
        return $_SESSION["dwz_" . $_var_3];
    }
    if ($conf["fanghong_url"] && strpos($conf["fanghong_url"], "http") !== false && strpos($conf["fanghong_url"], "=") !== false && strpos($conf["fanghong_url"], "/") !== false) {
        $_var_4 = get_curl($conf["fanghong_url"] . urlencode($_arg_0));
        if ($_var_5 = json_decode($_var_4, true)) {
            $_var_4 = implode($_var_5, ",");
        }
        if (strpos($_var_4, "//t.cn/") !== false) {
            $_arg_0 = "http:" . substr($_var_4, strrpos($_var_4, "//t.cn/"), 14);
        } else {
            if (strpos($_var_4, "//w.url.cn/") !== false) {
                $_arg_0 = "https:" . substr($_var_4, strrpos($_var_4, "//w.url.cn/"), 20);
            } else {
                if (strpos($_var_4, "//url.cn/") !== false) {
                    $_arg_0 = "https:" . substr($_var_4, strrpos($_var_4, "//url.cn/"), 16);
                } else {
                    if (strpos($_var_4, "//t.kugou.com/") !== false) {
                        $_arg_0 = "http:" . substr($_var_4, strrpos($_var_4, "//t.kugou.com/"), 25);
                    } else {
                        if (isset($_var_5["ae_url"])) {
                            $_arg_0 = $_var_5["ae_url"];
                        } else {
                            if (isset($_var_5["dwz1"])) {
                                $_arg_0 = $_var_5["dwz1"];
                            } else {
                                if (isset($_var_5["url"])) {
                                    $_arg_0 = $_var_5["url"];
                                } else {
                                    return $_arg_0;
                                }
                            }
                        }
                    }
                }
            }
        }
        $_SESSION["dwz_" . $_var_3] = $_arg_0;
    }
    return $_arg_0;
}